OGMWVC 55

TESTING
Testing Introduction
Software testing is a critical element of software quality assurance and
represents the ultimate review of specification, design and coding. The increasing
visibility of software as a system element and attendant costs associated with a software
failure are motivating factors for we planned, through testing. Testing is the process of
executing a program with the intent of finding an error. The design of tests for software
and other engineered products can be as challenging as the initial design of the product
itself. There of basically two types of testing approaches.
One is Black-Box testing the specified function that a product has been
designed to perform, tests can be conducted that demonstrate each function is
fully operated.
The other is White-Box testing knowing the internal workings of the
product ,tests can be conducted to ensure that the internal operation of the
product performs according to specifications and all internal components have
been adequately exercised.
White - box and Black -box testing methods have been used to test
this package. All the loop constructs have been tested for their boundary
and intermediate conditions. The test data was designed with a view to
check for all the conditions and logical decisions. Error handling has been
taken care of by the use of exception handlers.
7.1 Unit Testing
Unit testing focuses verification effort on the smallest unit of software design
the module. The unit test is always white box oriented. The tests that occur as part of
unit testing are testing the module interface, examining the local data structures, testing
the boundary conditions, executing all the independent paths and testing error-handling
paths.

TESTING
OGMWVC 56

7.2 White Box Testing
The purpose of any security testing method is to ensure the robustness of a
system in the face of malicious attacks or regular software failures. White box testing is
performed based on the knowledge of how the system is implemented. White box
testing includes analyzing data flow, control flow, information flow, coding practices,
and exception and error handling within the system, to test the intended and unintended
software behavior. White box testing can be performed to validate whether code
implementation follows intended design, to validate implemented security functionality,
and to uncover exploitable vulnerabilities.
White box testing requires access to the source code. Though white box testing
can be performed any time in the life cycle after the code is developed, it is a good
practice to perform white box testing during the unit testing phase.
White box testing requires knowing what makes software secure or insecure,
how to think like an attacker, and how to use different testing tools and techniques. The
first step in white box testing is to comprehend and analyze source code, so knowing
what makes software secure is a fundamental requirement. Second, to create tests that
exploit software, a tester must think like an attacker. Third, to perform testing
effectively, testers need to know the different tools and techniques available for white
box testing. The three requirements do not work in isolation, but together.
7.3 Black Box Testing
Also known as functional testing. A software testing technique whereby the
internal workings of the item being tested are not known by the tester. For example, in a
black box test on software design the tester only knows the inputs and what the
expected outcomes should be and not how the program arrives at those outputs. The
tester does not ever examine the programming code and does not need any further
knowledge of the program other than its specifications.


TESTING
OGMWVC 57

The advantages of this type of testing include:
The test is unbiased because the designer and the tester are independent of each
other.
The tester does not need knowledge of any specific programming languages.
The test is done from the point of view of the user, not the designer.
Test cases can be designed as soon as the specifications are complete.
7.4 Integration Testing
Integration testing is a systematic technique for constructing the program
structure while at the same time conducting tests to uncover errors associated with
interfacing. Scope of testing summarizes the specific functional, performance, and
internal design characteristics that are to be tested. It employs top-down testing and
bottom-up testing methods for this case.
Validation
The terms verification and validations are used interchangeably we will describe
both these methods. Verification is the process of determining whether or not the
products of given phase of software development fulfill the specifications established in
the previous phase. These activities include proving and reviews. Validation is the
process of evaluating the software at the end of software development process, we find
how well the software satisfies the requirement specifications. The requirement of the
software starts with requirement document and requirement specifications without
errors and specifying clients requirements correctly. The validation process of
evaluating the developed system at the end is to ensure that it must satisfy all the
necessary requirement specification. Requirement verification also checks the factors
as completeness, consistency and testability of the requirements.

As we all know that testing plays a crucial role in evaluation of the system. That
is in order to know whether the system working properly or not. In other words we can
say that in order to know whether the system which we have developed will give the
expected output or not can be know by doing the testing. Testing phase comes after
TESTING
OGMWVC 58

coding phase. Usually organizations or the software developing companies use different
types of testing strategies in order to evaluate the performance of a system. Also it gives
the output which provides clear information regarding the project or system, whether
the project which we have developed will going to give the expected output or not, that
is whether the system fails or succeed in the market.
We have many types of testing such as unit testing, integration testing, system
testing, black box testing, white box testing and regression analysis testing and so on.
In our project Secure Cryptographic messaging we are using unit testing, integration
testing, and system testing.
Unit testing is the one in which each entity or objects in the module will be
tested. Once the entity is evaluated to be tested successfully than will move further with
the kind of testing. That is once unit testing is done with all modules, than integration
testing will be done, on the every module or on group of two or three modules. Finally
system testing will be done , in which all the modules of a system will be tested at once
, there by getting the overall performance of a system that means we can conclude the
result on the entire system whether our system is working as per our requirements or as
per our expectations or not. The advantage of developing or testing modules wise is
that, we can reduce the effort, cost and time. Because if we are testing module wise
than we can know clearly which module is working fine and which module is not
working, thereby the module which is not working perfectly can be evaluated once
again by going necessary modifications unlike the system being tested on a whole,
where if any errors comes in than the entire system need to be tested or evaluated which
consumes more effort, time and cost.






TESTING
OGMWVC 59

7.5 Test Cases


Test
Case
Check
Item
Test Case
Objective
Steps To
Execute
Expected Result
TC-001 Log-in
Page
Leave all fields as
blank and click
Log-in button
Click log-in By leaving all fields as blank
and on click Log-in button
then mandatory symbol ( * )
should appear in front of
Username and Password
fields
TC-002 Username Enter invalid
username
NA By entering invalid Username
then an error message should
appear as " Please Enter Valid
Username "
TC-003 Username Enter invalid
username
NA It should allow the user to
proceed
TC-004 Password NA The password field should
display the encrypted format
of the text typed as (****)
TC-005 Password Enter wrong
password
NA By entering invalid password
then an error message should
appear as " Please Enter
Correct Password "
TC-006 Password Enter correct
password
NA It should allow the user to
proceed